Thicket™ Family of Source Code Obfuscators

Semantic Designs offers robust technology and a wider variety
of language obfuscators than any other company, making us
the premier supplier of source code obfuscator tools.

Concept

A source code obfuscator accepts a program source file, and
generates another functionally equivalent source file which is much harder to
understand or reverse-engineer. This is useful for technical protection of
intellectual property when:

source code must be delivered for public execution purposes (with interpretive languages like ECMAScript in web pages)

commerical components must be delivered in source form for direct integration by a customer into his end product (portable applications in C or PHP etc.,
code libraries or hardware components coded in Verilog or VHDL)

object code still contains too many clues (such as class public methods used only inside an application, as with Java class files)

Semantic Designs' Obfuscation tools generally strip comments,
remove nice indentation and whitespace, encode constants in
inconveniently readable ways, and rename identifiers in source (for
variables, functions, etc.) from their original (presumably
self-explanatory) name to nonsense names that convey no information. A
programmer-supplied file controls whether certain names are preserved
(to ensure continued access to published external APIs). This makes
it straightforward for application development to continue, and yet
still easily obfuscate new application versions.

It still does exactly the same thing as the original, but it is far more difficult
to guess what the variables do. If a thief doesn't know the intended
purpose of the variables, he can hardly claim it as his own, let alone
modify it in competitive ways.
Some names are purposely not scrambled because access to public APIs must be preserved.
For most languages (as in this case), indentation and line breaks are removed, to make
it that much more inconvenient to analyze.
The larger the code, the uglier the obfuscated result gets
(see sample codes for language-specific Obfuscators via
the corresponding product web page via links below),
and it gets correspondingly difficult to reverse engineer.

Warning: obfuscators do not stop reverse-engineering efforts by
really determined opponents. In fact, no protection scheme will.
Rather, obfuscators are like good locks on bank vaults,
in that they stop most thieves because the work is simply
too much trouble, and immediately frustrate the amateurs that try. Obfuscation
can also help signal your clear legal intent to protect your code;
a thief must first actively de-obfuscate it, and that act alone
can be used an indicator of his intentions versus those of honest users.

Technology

Many conventional obfuscation tools use ad hoc string processing
methods to carry out the obfuscation process, or operate on binary
files. String processing can sometimes work, but it often fails when
multiple statements per line, nested comments, comments around
incomplete blocks of code or keywords, obscure language features such
as escapes in quoted strings, odd casing conventions for names, etc.
are encountered, as they always are in large systems of software.
This is because programming languages have complex formation
and name resolution rules, and so processing them reliably
usually requires a complete language parse, not string hacking.
Failure to process the program correctly could produce an obfuscated
version that is broken. Binary obfuscators can work quite well, but
are generally limited to a standard simple binary formats (e.g., Java
class files, not Win32 object files).

The most reliable way to build an obfuscator is to parse the source
language according to the source language lexical and syntax rules
into compiler-like data structures, carry out the obfuscation, and
then unparse back to source text. This ensures that the syntax
structures found match those of the language. All of SD's obfuscators
are built as extensions of source code
formatters, based on DMS's
ability to parse and prettyprint source files, and are based on
the language definition modules used to
drive DMS for large scale software reengineering tasks.

The obfuscator is applied to a set of files at once, and obfuscates
them all consistently. Each obfuscator run produces an obfuscation
map showing how identifiers were scrambled, as reference, or to ensure
that later obfuscations scramble symbols in the same way. This might
be used to ship obfuscated source updates to customers.

All SD's obfuscators are designed to operate as command-line style
programs, to enable inclusion in scripts used for production purposes.
There is a GUI available for initial configuration and operation.
Consistent handling of formatting switches and I/O conventions across
formatters and obfuscators aid software engineering staff when
handling the multiple languages typically used by an organization.

SD's obfuscators are presently available on Windows 2003, XP, or later operating systems.

Available Obfuscators

SD offers a family of obfuscators based on DMS. Presently available are:

What Customers Are Saying

"Your obfuscator is exactly what we were looking for! Even if a 'prettyfier' were used it would be terminally painful for me to reverse engineer code I wrote myself after running it through Semantic Design's tool. Semantic Designs clearly put lots of thought into it."
-- Eric Derbez

Custom Obfuscation Options

Semantic Designs can build custom obfuscators with special features:

FORTRAN or other standard programming languages

Unusual or custom languages or dialects

Encryption of literal strings (removes easy clues from binary dumps)

Program transformations to scramble logic while preserving function

Watermarks and hidden copyrights

Topics

Semantic Designs- Our Goal

To enable our customers to produce and maintain timely, robust and economical software by providing world-class Software Engineering tools using deep language and problem knowledge with high degrees of automation.